[GIT PULL] Security subsystem: integrity updates for v5.2

From: James Morris
Date: Thu May 09 2019 - 13:26:39 EST


>From Mimi:

"This pull request contains just three patches, the remainder are
either included in other pull requests (eg. audit, lockdown) or will
be upstreamed via other subsystems (eg. kselftests, Power).  Included
in this pull request is one bug fix, one documentation update, and
extending the x86 IMA arch policy rules to coordinate the different
kernel module signature verification methods."

The following changes since commit fe9fd2ef383c2f5883fcd3f7adce0de9ce2556ff:

Revert "security: inode: fix a missing check for securityfs_create_file" (2019-04-10 14:59:20 -0700)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-integrity

for you to fetch changes up to 2bfebea90dd5e8c57ae1021a5d1bb6c1057eee6d:

Merge branch 'next-integrity-for-james' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next-integrity (2019-04-12 15:20:23 -0700)

----------------------------------------------------------------
James Morris (1):
Merge branch 'next-integrity-for-james' of git://git.kernel.org/.../zohar/linux-integrity into next-integrity

Mimi Zohar (2):
x86/ima: require signed kernel modules
x86/ima: add missing include

Petr Vorel (1):
doc/kernel-parameters.txt: Deprecate ima_appraise_tcb

Documentation/admin-guide/kernel-parameters.txt | 5 ++---
arch/x86/kernel/ima_arch.c | 10 +++++++++-
include/linux/module.h | 5 +++++
kernel/module.c | 5 +++++
4 files changed, 21 insertions(+), 4 deletions(-)